Download
| Alert*
oval:org.secpod.oval:def:64146
Several vulnerabilities were discovered in the Dovecot email server, which could cause crashes in the submission, submission-login or lmtp services, resulting in denial of service. oval:org.secpod.oval:def:70209 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:504742 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... oval:org.secpod.oval:def:89050485 This update for dovecot23 to 2.3.10 fixes the following issues: Security issues fixed: - CVE-2020-10957: Fixed a crash caused by malformed NOOP commands . - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines . - CVE-2020-10967: Fixed a crash in the lmtp and submission components ... oval:org.secpod.oval:def:118258 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:118274 Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages. oval:org.secpod.oval:def:1801786 In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-logi ... oval:org.secpod.oval:def:705477 dovecot: IMAP and POP3 email server Several security issues were fixed in Dovecot. oval:org.secpod.oval:def:89000480 This update for dovecot23 fixes the following issues: Security issues fixed: - CVE-2020-10957: Fixed a crash caused by malformed NOOP commands . - CVE-2020-10958: Fixed a use-after-free when receiving too many newlines . - CVE-2020-10967: Fixed a crash in the lmtp and submission components caused by ... oval:org.secpod.oval:def:2500085 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. oval:org.secpod.oval:def:1504492 [1:2.3.8-4] - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation - fix CVE-2020-12674 crash due to assert in RPA implementation [1:2.3.8-3] - fix CVE-2020-10957 dovecot: malformed NOOP commands leads to DoS - ... oval:org.secpod.oval:def:604861 Several vulnerabilities were discovered in the Dovecot email server, which could cause crashes in the submission, submission-login or lmtp services, resulting in denial of service. oval:org.secpod.oval:def:68005 Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Security Fix: * dovecot: ... |